<?php
	require_once("conn.php");

	session_start();
	mysql_select_db($dataname,$conn);
	$query_rs_types = "select * from types order by type_id ASC";
	mysql_query("set names 'gbk'");
	$rs_types = mysql_query($query_rs_types,$conn) or die(mysql_error());
	$row_rs_types = mysql_fetch_assoc($rs_types);



	mysql_select_db($dataname,$conn);
	$query_rs_config = "select * from config";
	$rs_config = mysql_query($query_rs_config,$conn) or die(mysql_error());
	$row_rs_config = mysql_fetch_assoc($rs_config);

	if(isset($_POST['username'])){
		$loginUsername = $_POST['username'];
		$password = $_POST['password'];
		mysql_select_db($dataname,$conn);
		$query_login = sprintf("select username,password from users where
		username='%s' and password='%s'",
		get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername),
		get_magic_quotes_gpc() ? $password : addslashes($password));

		$rs_login = mysql_query($query_login,$conn) or die(mysql_error());
		$loginFoundUser = mysql_num_rows($rs_login);

		if($loginFoundUser){
			$_SESSION['MM_Username'] = $loginUsername;
			header("Location: admin_list.php");
		}
		else{
		header("Location: index.php");
		}
	}
	include('templates/tadmin_login.php');

	mysql_free_result($rs_config);
	mysql_free_result($rs_types);
?>